From Penn State News:
Sophisticated cyber crime methods are changing the definition of hacking
More than 100 banks in 30 countries have joined the ranks of Anthem Blue Cross Blue Shield and Sony Pictures. As targets of unprecedented, and likely some of the most costly, cyber attacks in history, the financial institutions, insurance company and film studio are reeling after record-setting amounts of data, money, internal emails and more were stolen by hacker groups, which in some instances are believed to have been sanctioned by nation-states. Just last year, thieves behind the Target and Home Depot breaches made off with customer credit card numbers and cost the corporations millions of dollars.
The purpose of this blog is to help small-to-medium businesses (SMBs) deal effectively with their unique cyber security needs. With over 15 years' experience in IT and cyber security, I will show SMBs how they can leverage their limited resources to develop effective cyber defenses to the most common threats using information security best practices and no/low cost tools.
LinkedIn: http://www.linkedin.com/in/ecissorsky/
Twitter: @ecissorsky
Friday, March 13, 2015
TorrentLocker Ransomware Uses Email Authentication to Refine Spam Runs
From Trend Labs Security Intelligence Blog:
TorrentLocker Ransomware Uses Email Authentication to Refine Spam Runs
In monitoring the ransomware TorrentLocker, we noticed a new development in its arrival vector. In previous entries, we noted that a particular wave of the crypto-ransomware was using spammed messages that were designed to evade spam filters. Our research now shows that TorrentLocker malware are using emails that are designed to pass spam filters and also collect information.
Extended Validation Certificates: Warning Against MITM Attacks
From Trend Labs Security Intelligence Blog:
Extended Validation Certificates: Warning Against MITM Attacks
The recent Superfish incident has raised more concerns that SSL/TLS connections of users can be intercepted, inspected, and re-encrypted using a private root certificate installed on the user system. In effect, this is a man-in-the-middle (MITM) attack carried out within the user’s own system. We believe that site owners adopting extended validation (EV) certificates would help warn users about possible MITM attacks.
Pulling Remote Word Documents from RAM using Kali Linux
From Cyberarms blog:
Pulling Remote Word Documents from RAM using Kali Linux
Really enjoyed the article on W00tsec about pulling RAW picture images from memory dumps and thought it would be cool if you could use the same process to pull information from a remote system’s memory using Kali – and you can!
16-28 February 2015 Cyber Attacks Timeline
From Hackmageddon:
16-28 February 2015 Cyber Attacks Timeline
It’s time for the second timeline of February (first timeline here) covering the main cyber attacks occurred between 16 and 28 February 2015 (including also several few attacks that actually happened in the first 15 days).
Why the Anthem Breach May Be a Catastrophic Event for US Children
From the Cyveillance Blog:
Why the Anthem Breach May Be a Catastrophic Event for US Children
In all the noise around the stolen customer data at Anthem Healthcare, many have missed what is now a new and very serious risk to American households: millions of children’s social security numbers have been stolen, and will be used in waves of financial crimes over decades to come.
Anthem Healthcare (and other healthcare providers) believe they needed to collect their customers’ children’s names and Social Security Numbers (SSNs) to verify the beneficiaries of their health plans. If this is absolutely necessary, what Anthem should have done thereafter would be to destroy this sensitive information, which currently only resides in two other places in the world – with the U.S. Social Security Administration (the issuer of the SSNs), and with the Internal Revenue Service (needed for parents to claim tax credits for their dependents).
FTC Alert: The Grate Pretenders
From the Federal Trade Commission:
The Grate Pretenders
We’re done with the Golden Globes and the Oscars but an entirely different kind of actor is still lurking around: scammers who pretend to be someone they’re not. Sometimes it seems we’re afloat in a sea of imposters who are trying to cheat you by pretending to be from legitimate organizations. Imposter scams play on your emotions. The scammers work hard to make you believe that you’ve won something or you have an unexpected problem. They say that, for a small fee, they’ll send you lots of money or make your troubles disappear. They might encourage you to pay them with a reloadable card or they may ask for your personal information. Here are the top ten imposter scams you told us about last year.
Feds Admit Stingrays Can Disrupt Cell Service of Bystanders
From Wired:
Feds Admit Stingrays Can Disrupt Cell Service of Bystanders
For years the government has kept mum about its use of a powerful phone surveillance technology known as a stingray.
Cybercrime could become more lucrative than drugs, police chief warns
I don't think there's any "could" here. It either has or quickly will become more lucrative than drugs.
From The Telegraph:
Cybercrime could become more lucrative than drugs, police chief warns
Adrian Leppard, the Commissioner of the City of London Police, says at least a quarter of organised criminals in Britain are now involved in online fraud
How a Blu-ray disc could install malware on your computer
I fear that as more devices join the Internet of Things (IoT) this will become more common.
From PCWorld:
How a Blu-ray disc could install malware on your computer
A pair of vulnerabilities found in hardware and software for playing Blu-ray discs might come in handy for secret snooping by the U.S. National Security Agency.
Stephen Tomkinson of NCC Group, a U.K.-based security consultancy, engineered a Blu-ray disc which detects the type of player the disc is running on and then picks one of two exploits to land malware on a computer. He presented the research at the Securi-Tay conference at Abertay University in Scotland on Friday.
Listen up! Qualcomm's ultrasonic 3D fingerprint scanner could one day give passwords the finger (hands-on)
From CNET:
Listen up! Qualcomm's ultrasonic 3D fingerprint scanner could one day give passwords the finger (hands-on)
Sound waves aren't just for voices. They're also adept at priming your prints, and one day replacing your passwords.
You got hacked. Cybersecurity stocks soar
From CNNMoney:
You got hacked. Cybersecurity stocks soar
Companies keep getting hacked. And that's music to the ears of the executives and investors in cybersecurity companies.
February has been a phenomenal month for the overall stock market. The S&P 500 is up about 6%. But companies that help mitigate the damage from major attacks have done even better.
Anthem Breach Evidence Points to China, Security Researchers Say
From eWeek:
Anthem Breach Evidence Points to China, Security Researchers Say
Security researchers have traced the theft of customer data from health insurer Anthem's data systems to a professor at a Chinese university with links to a defense contractor.
Biometrics Is Helping Defend Against Cyber Attacks in Health-Care Industry
Note: Look at source, may be a little biased.
From Security Sales & Integration:
Biometrics Is Helping Defend Against Cyber Attacks in Health-Care Industry
To help prevent cyber espionage and enhance patient safety, medical companies have begun adopting an array of biometrics security systems that use data from a patient’s fingerprint, iris, veins or face. The new technologies are intended to deter the incentive for hacking incidents by removing reliance on information that’s easy to steal and can easily identify patients.
Shadow Cloud Services a serious risk for Government Networks
Not just government; these are a threat to SOHO/SMBs. For example, if you're a medical practice and have employees (billing, NPs/PAs or Drs.) storing data on a service like Google Drive so they can work on it from home or a public hot spot, you could have serious problems.
From Security Affairs:
Shadow Cloud Services a serious risk for Government Networks
Cloud Security Alliance revealed that shadow cloud service used by employees and unmanaged by IT can pose a major security problem for organizations.
FireEye Assessment of 7 Million iOS and Android Apps shows a disconcerting scenario
From Security Affairs:
FireEye Assessment of 7 Million iOS and Android Apps shows a disconcerting scenario
FireEye released a report containing the results of a comprehensive Mobile Threat Assessment of 7 Million iOS and Android Apps.
Tor Browser 4.0.4 Release improves security and privacy
From Security Affairs:
Tor Browser 4.0.4 Release improves security and privacy
The Tor Project has announced a new version of Tor Browser Bundle, Tor version 4.0.4, that improves privacy and security features.
Thursday, March 12, 2015
Amazon ‘Order Details’ Email Delivers Malware
From HackRead:
Amazon ‘Order Details’ Email Delivers Malware
Lately an email from Amazon has been hitting the inbox of unsuspecting users all over the world.
This email has been masqueraded as an order notification message from the famed marketplace Amazon.com.
Suits and Hoodies: The Two Cybersecurity Cultures
From The Atlantic:
Suits and Hoodies: The Two Cybersecurity Cultures
The dress code said it all.
When Admiral Michael S. Rogers, director of the National Security Agency, Cyber Command Commander, and recipient of the Navy Distinguished Service Medal recently walked into a cybersecurity conference, his uniform bore 20 ribbons and four badges from his esteemed Navy career. Rogers’ hair was neat and precise, in full compliance with Navy regulation on grooming standards for personal appearance.
Uber Database Breach Exposed Information Of 50,000 Drivers, Company Confirms
From TechCrunch:
Uber Database Breach Exposed Information Of 50,000 Drivers, Company Confirms
Uber announced today that its database was breached by an unauthorized third party last year. The company confirmed the breach in a company blog post published this afternoon, authored by Uber’s managing counsel of data private Katherine Tassi.
Dridex Downloader Analysis
From InfoSec Institute:
Dridex Downloader Analysis
Yesterday I received in my company inbox an email with an attached .xlsm file named D92724446.xlsm coming from Clare588@78-83-77-53.spectrumnet.bg. Central and local AV engines did not find anything malicious, and a multiengine scan got 0/57 as result. I decided to investigate a little more in-depth in order to confirm that was a malicious file and to extract at least the code I was imagining being inside this document.
BlackPhone maker Silent Circle announces $50 million in funding
From ars technica:
BlackPhone maker Silent Circle announces $50 million in funding
The BlackPhone, a $600-plus encrypted Android handset designed to keep the prying eyes of criminals and the government out of mobile communications, is now fully owned by Silent Circle thanks to the company raking in investment cash.
Terms of the buyout deal with Spanish smartphone maker Geeksphone, the phone's hardware manufacturer, were not disclosed. Silent Circle said Thursday that it has raised $50 million and plans on showing off an encrypted "enterprise privacy ecosystem" at World Mobile Congress next week. A BlackPhone tablet is on the way, too.
Cyber attackers like to impersonate IT workers
From Help Net Security:
Cyber attackers like to impersonate IT workers
Mandiant, the (apparent) go-to firm for the forensic investigation of high-profile breaches, has released its annual M-Trends report (registration required), which shows that the threat landscape is more complex than ever.
Hackers target health care as industry goes digital
From CSO Online:
Hackers target health care as industry goes digital
With more health providers and insurers incorporating IT into clinical care, hackers are viewing the health care industry as their next target.
"Cybercriminals know that the health industry is moving into EHRs and there's more data to steal," said Ann Peterson, program director at the Medical Identity Fraud Alliance, an organization that works to reduce medical fraud.
5 billion Android apps open to hack
From CNBC:
5 billion Android apps open to hack
Over five billion downloaded Android apps are vulnerable to being hacked, cybersecurity researchers have found, as attackers exploit flaws in Google's operating system.
What The Sony Hack Can Teach About Cyber Security
From Forbes:
What The Sony Hack Can Teach About Cyber Security
Recent large-scale information breaches have raised the awareness of the dangers of corporate cyber security. Sony’s breach is the most famous but there have also been attacks on Lenovo in the last week and other companies such as JPMorgan Chase and Home Depot in the past year.
Hacking: Why Any Business Can Be At Risk And How To Prevent It
From Forbes:
Hacking: Why Any Business Can Be At Risk And How To Prevent It
The term ‘ethical hacking’ may seem like something of an oxymoron, but it is a precaution that should be of interest to almost all businesses.
This is because any business could be a victim of some form of hacking. A 2013 study by Pierre Audoin Consultants on behalf of the UK government’s Department for Business Innovation and Skills (BIS) reported that: “The 2013 Information Security Breaches Survey has shown that 87% of small businesses across all sectors experienced a breach within the last year. This represents an increase of over 10% from 2012.”
Medical identity theft affected two million victims in 2014
From Help Net Security:
Medical identity theft affected two million victims in 2014
The number of patients affected by medical identity theft increased nearly 22 percent in the last year, an increase of nearly half a million victims since 2013.
How to Sabotage Encryption Software (And Not Get Caught)
From Wired:
How to Sabotage Encryption Software (And Not Get Caught)
In the field of cryptography, a secretly planted “backdoor” that allows eavesdropping on communications is usually a subject of paranoia and dread. But that doesn’t mean cryptographers don’t appreciate the art of skilled cyphersabotage. Now one group of crypto experts has published an appraisal of different methods of weakening crypto systems, and the lesson is that some backdoors are clearly better than others—in stealth, deniability, and even in protecting the victims’ privacy from spies other than the backdoor’s creator.
“Cyber Armageddon” not likely to wipe out US, intelligence director says
From ars technica:
“Cyber Armageddon” not likely to wipe out US, intelligence director says
The likelihood that the US will suffer from a "catastrophic" cyber attack is unlikely, the nation's top intelligence officer said Thursday. Instead, the country will be peppered with "low-to-moderate level cyber attacks," James Clapper, the director of national intelligence, told the Senate Armed Services Committee on Thursday.
Lenovo.com hijack reportedly pulled off by hack on upstream registrar
Vendors take note. This is what happens when you take advantage of your customers' trust. I have a feeling this is just the tip of the iceberg for Lenovo. Normally I would tag this as cybercrime; however, it is Lenovo who committed the real crime. Again, they make cheap crappy computers; stick with Dell, HP or Toshiba.
From ars technica:
Lenovo.com hijack reportedly pulled off by hack on upstream registrar
Wednesday's hijacking of the Lenovo.com domain name and interception of the company's e-mail was pulled off by first hacking Web Commerce Communications, the registrar that procured the Lenovo address, security journalist Brian Krebs reported.
0% Cybersecurity Job Unemployment in Washington
From Network World:
0% Cybersecurity Job Unemployment in Washington
A microcosm that demonstrates the consequences of the global cybersecurity skills shortage
The business and social impacts of cyber security issues
From Help Net Security:
The business and social impacts of cyber security issues
With multiple recent high profile attacks targeting household names and large employers, individuals increasingly fear cyber crime and its resulting consequences at work as well as at home, according to GFI Software.
QR Codes Engineered into Cybersecurity Protection
From UConn Today:
QR Codes Engineered into Cybersecurity Protection
QR, or Quick Response, codes – those commonly black and white boxes that people scan with a smartphone to learn more about something – have been used to convey information about everything from cereals to cars and new homes.
New DDoS attack and tools use Google Maps plugin as proxy
From Help Net Security:
New DDoS attack and tools use Google Maps plugin as proxy
Attackers are using Joomla servers with a vulnerable Google Maps plugin installed as a platform for launching DDoS attacks.
A known vulnerability in a Google Maps plugin for Joomla allows the plugin to act as a proxy. Attackers spoof (fake) the source of the requests, causing the results to be sent from the proxy to someone else – their denial of service target. The true source of the attack remains unknown, because the attack traffic appears to come from the Joomla servers.
Do you trust those online reviews?
From OnGuardOnline:
Do you trust those online reviews?
Thinking about using a company, product, or service based on online reviews? You’re probably interested in getting the best service – and price – for your money. You might have read what other customers have written to help with your decision. But can you always trust those online reviews? Just how credible are they?
FTC Alert: Consumers told it to the FTC: Top 10 complaints for 2014
From the Federal Trade Commission:
Consumers told it to the FTC: Top 10 complaints for 2014
Today, the FTC announced its top 10 consumer complaints for 2014. Of the more than 2.5 million consumer complaints received…
FTC Alert: Superfish software on Lenovo notebooks: What you can do
From the Federal Trade Commission:
Superfish software on Lenovo notebooks: What you can do
You may have seen — and been concerned by — news stories about Superfish software on Lenovo notebooks. Lenovo began pre-installing Superfish on certain notebooks in September 2014. But, the software makes it easier for hackers to access your personal information, even when you’re visiting a website, like a bank’s website, that uses HTTPS to encrypt the transmission of sensitive information.
The growth of cyber crime and why it may take a Manhattan Project-scale response to stop
From National Post:
The growth of cyber crime and why it may take a Manhattan Project-scale response to stop
Examples are easy. In December, malicious software allowed bank robbers to take as much as $1 billion from institutions in 30 countries. In November, Sony had that little problem with North Korea. In October, hackers snagged 40 million credit and debit card numbers from Target. A few months before that, computer systems at Canada’s National Research Council suffered a massive hit by a cyberattacker.
Dusting for Cyber Fingerprints: Coding Style Identifies Anonymous Programmers
From Forensic Magazine:
Dusting for Cyber Fingerprints: Coding Style Identifies Anonymous Programmers
A team of computer scientists, led by researchers from Drexel University’s College of Computing & Informatics, have devised a way to lift the veil of anonymity protecting cyber criminals by turning their malicious code against them. Their method uses a parsing program to break down lines of code, like an English teacher diagramming a sentence, and then another program captures distinctive patterns that can be used to identify its author.
Ramnit Botnet Disrupted By International Public-Private Collaboration
From DarkReading:
Ramnit Botnet Disrupted By International Public-Private Collaboration
Europol leads the effort to bring down the bank credential-stealing botnet that infected 3.2 million computers across the globe.
Europol's Cybercrime Centre (EC3), with assistance from Symantec, Microsoft, and Anubis Networks, shut down command-and-control servers and redirected 300 domains used by the Ramnit botnet, used mostly for stealing banking credentials. EC3 announced today that the operation was conducted from The Hague on Tuesday and included representatives from the United Kingdom, Germany, Italy, and the Netherlands.
Komodia Certificate Manipulation Likely Led To Man-In-The-Middle Attacks
From ThreatPost:
Komodia Certificate Manipulation Likely Led To Man-In-The-Middle Attacks
The shoddy state of SSL certificate validation on the Internet again floated to the surface, this time by the Superfish mess, which continues to get worse.
Iran Behind Cyber-Attack on Adelson’s Sands Corp., Clapper Says
From Bloomberg:
Iran Behind Cyber-Attack on Adelson’s Sands Corp., Clapper Says
(Bloomberg) -- The top U.S. intelligence official confirmed for the first time that Iran was behind a cyber attack against the Las Vegas Sands Corp. last year.
Identifying Iran as the perpetrator came more than a year after the Feb. 10, 2014, attack against the world’s largest gambling company, which crippled many of the computer systems that help run the $14 billion operation. Sands’ chairman and chief executive officer and top shareholder is billionaire Sheldon Adelson, a leading U.S. supporter of Israel and of Republican political candidates.
Target Says Credit Card Data Breach Cost It $162M In 2013-14
From TechCrunch:
Target Says Credit Card Data Breach Cost It $162M In 2013-14
When it comes to data breaches, retailers are one of the biggest targets these days, and today we have some detail on the costs around one of the more high-profile attacks. Target today said that it has booked $162 million in expenses across 2013 and 2014 related to its data breach, in which hackers broke into the company’s network to access credit card information and other customer data, affecting some 70 million customers.
A Field Guide to the Internet Infrastructure That Hides in Plain Sight
This is so cool. I checked out the web site & it has a lot of useful info for those interested in the connected world around them.
A Field Guide to the Internet Infrastructure That Hides in Plain Sight
The internet is everywhere. In another, more concrete way, it’s inside massive, anonymous buildings and beneath city streets, marked by special manhole covers and cryptic, colorful symbols.
FTC Alert: You (haven’t really) won!
From the Federal Trade Commission:
You (haven’t really) won!
For years, we’ve been hearing about lottery scams: the imposter who convinces you that you’ve won the lottery (you didn’t) – and all you have to do is pay some fees to collect your millions (you won’t). And for years, we’ve been hearing about lottery scams that originate in Jamaica, where telemarketing lottery scams became a cottage industry in some parts of the island.
Wall Street Banks And Law Firms Pairing Up To Take On Cybercrime
From PYMNTS.com:
Wall Street Banks And Law Firms Pairing Up To Take On Cybercrime
That banks are under constant threat of cyberattack is well known – just last week PYMNTS reported on an international bank hack that robbed 100 banks worldwide of an estimated $900 million. Now Wall Street banks and the big law firms that serve them want to do something about it – together.
Security Software Found Using Superfish-Style Code
BAD Vendor! BAD! BAD! BAD! I blogged earlier that despite Superfish Lenovo products were some of the biggest hunks of junk I've ever used. I can also say from personal experience Lavasoft & Comodo products are ones I wouldn't recommend. I've found them to be ineffective, resource-hogging applications with many better alternatives. That being said, read on...
From Forensic Magazine:
Security Software Found Using Superfish-Style Code
Two more software makers have been caught adding dangerous, Superfish-style man-in-the-middle code to the applications they publish. The development is significant because it involves AV company Lavasoft and Comodo, a company that issues roughly one-third of the Internet's Transport Layer Security certificates, making it the world's biggest certificate authority.
How your phone and fitness band could end up giving evidence against you
From The Guardian:
How your phone and fitness band could end up giving evidence against you
A criminal suspect can’t be forced to divulge their phone passcode, a US circuit court judge ruled in October 2014. Yet law enforcement officials can compel a suspect to provide a fingerprint – which they can then use to unlock the phone and obtain data which may prove the case against them.
How Hackers Abused Tor To Rob Blockchain, Steal Bitcoin, Target Private Email And Get Away With It
From Forbes:
How Hackers Abused Tor To Rob Blockchain, Steal Bitcoin, Target Private Email And Get Away With It
Across October and November of last year, some unlucky users of the world’s most popular Bitcoin wallet, Blockchain.info, and one of the better-known exchanges, LocalBitcoins, had their usernames and passwords silently pilfered. They were robbed of significant sums, probably tens of thousands of dollars worth of the virtual currency, possibly more. Security-focused email services, Riseup and Safe-mail were also targeted by the same crew. And according to the man who witnessed the attacks go off last year, Digital Assurance director Greg Jones, it looks like buyers and sellers of dark markets were the targets.
The Wi-Fi sniffing drones are here
I tagged this under "Physical Security" because I consider a drone tracking my movements to be a serious threat to my person.
From The Verge:
The Wi-Fi sniffing drones are here
Marketers have come up with a new way to track a given customer's movement: put a drone on them. According to Venturebeat, a marketing company called Adnear is using drones as part of a test campaign to track user locations through device IDs. It's similar to what marketers already do in stores and malls, but by using mobile drones, Adnear is able to track users in new places where pre-installed sniffers can't reach. "With drones, it becomes so much easier," the director of marketing told the site.
Why Firmware Is So Vulnerable to Hacking, and What Can Be Done About It
From Wired:
Why Firmware Is So Vulnerable to Hacking, and What Can Be Done About It
When Kaspersky Lab revealed last week that it had uncovered a sophisticated piece of malware designed to plant malicious code inside the firmware of computers, it should have surprised no one.
Cyber in the IDF: warfare and security
From iHLS:
Cyber in the IDF: warfare and security
The IDF is preparing for cyberwars to come. The Northern Command has recently inaugurated a cyber security array; the IAF has been practicing various scenarios comprising cyber security and cyber attack targeting its systems.
From Hacking Systems To Hacking People
It's called Social Engineering and is well documented. Click here for more info. In the InfoSec world we have a saying "Social Engineering will always work because there's no patch for human stupidity or naivete."
From DarkReading:
From Hacking Systems To Hacking People
New low-tech attack methods like 'visual hacking' demand an information security environment that values data privacy and a self-policing culture.
Forty-four trillion gigabytes. That’s the anticipated size of the “digital universe” by 2020, according to the IDC Digital Universe Study. Encompassing all data created, replicated, and consumed in one year, this digital universe is largely created and used by a company’s workforce, but the task of protecting this enormous amount of data from hackers falls largely to IT security teams.
Cybercrime, Cyber Espionage Tactics Converge
From DarkReading:
Cybercrime, Cyber Espionage Tactics Converge
Real-world cyberattack investigations by incident response firm Mandiant highlight how hackers are adapting to better achieve their goals.
To get a sense of just how nation-state attackers are upping their game now, consider this: nearly 80% of phishing emails used in attacks investigated by incident response firm Mandiant last year used IT and security-related topics, or impersonation of those departments or antivirus vendors in order to lure their victims into opening malware-laden attachments and links.
Can your app really do that?
From OnGuardOnline.gov:
Can your app really do that?
Apps can provide hours of entertainment, keep you organized, and help you learn something new. Indeed, apps can be helpful, as long as they provide accurate information. But if you’re trying to analyze a serious medical condition with an app — like whether that mole on your back might be a sign of melanoma — talk with your doctor or another reliable medical professional first. As recent FTC cases show, some health apps make claims they can’t back up.
10 Best Tools & Resources For Researching Information Security Jobs
From MakeUseOf:
10 Best Tools & Resources For Researching Information Security Jobs
Whether you’re trying to make a change to your life as part of a New Year’s resolution, or you’ve come home from your summer break to the fear of returning to work, or you’re just looking to get into an interesting field of employment for the first time, making the step into a new career can be intimidating and difficult.
Cybercrime Affects More Than 431 Million Adult Victims Globally
From The Inquisitr:
Cybercrime affects more than 431 million adult victims around the world. Since the internet has become such an integral part of governments, businesses, and the lives of millions of people, cyberspace has become an ideal place, allowing criminals to remain anonymous while they prey on victims.
Cybercrime ring controlling millions of PCs crippled
From Business Times:
Cybercrime ring controlling millions of PCs crippled
A cybercrime ring using 3.2 million hacked computers worldwide to steal banking information by seizing control of servers has been disrupted by European police and technology companies, officials said on Wednesday.
Banking malware spreading via Microsoft Word macros
From Graham Cluley:
Banking malware spreading via Microsoft Word macros
Back in 1995, the anti-virus world took a sharp intake of breath as it realised that malware wasn't just limited to boot sectors, EXE and COM files.
Windows? No, Linux and Mac OS X Most Vulnerable Operating System in 2014
I admit, this one took me by surprise.
From The Hacker News:
Windows? No, Linux and Mac OS X Most Vulnerable Operating System in 2014
Apple’s operating system is considered to be the most secure operating system whether it’s Mac OS X for desktop computers or iOS for iPhones. But believe it or not, they are the most vulnerable operating system of year 2014.
5 Ways To Prepare For IoT Security Risks
From DarkReading:
5 Ways To Prepare For IoT Security Risks
As the Internet of Things begins to take shape, IT organizations must prepare for change.
Enterprises can expect to see some fundamental changes in the information security and data privacy landscape as the Internet of Things (IoT) begins to take shape over the next several years.
Wednesday, March 11, 2015
Business spotlight on cybercrime
From The Telegraph:
Business spotlight on cybercrime
In the wake of the Sony email hacking case, business expert Rachel Bridge looks at cybercrime and how you can protect your business
SSL-busting code that threatened Lenovo users found in a dozen more apps
From Ars Technica:
SSL-busting code that threatened Lenovo users found in a dozen more apps
The list of software known to use the same HTTPS-breaking technology recently found preinstalled on Lenovo laptops has risen dramatically with the discovery of at least 12 new titles, including one that's categorized as a malicious trojan by a major antivirus provider.
Gemalto Claims Its Products Are ‘Secure’ In Response To Reported NSA Hack
From TechCrunch:
Gemalto Claims Its Products Are ‘Secure’ In Response To Reported NSA Hack
Gemalto, the SIM card maker that reportedly had its encryption keys stolen by the NSA and GCHQ, has claimed that its products are secure, despite apparent leaked NSA documents suggesting otherwise.
Cyber insurance: Dare leave home without it
From The Washington Examiner:
Cyber insurance: Dare leave home without it
When a mid-February report revealed that more than 100 banks were hacked in what appears to have resulted in over $1 billion stolen from these financial institutions, it was just another reminder of how ubiquitous cyberattacks have become.
Hacker Extorts Bitcoin Ransom From Illinois Police Department
Someone should nominate this jackass for a Darwin award. Somehow I don't think extorting a PD is going to end well for him.
From The Huffington Post:
Hacker Extorts Bitcoin Ransom From Illinois Police Department
A suburban Chicago police department paid a hacker a $500 ransom to restore access to data on a police computer that the hacker had disabled through the use of an increasingly popular type of virus.
How Malware Can Track Your Smartphone Without Using Location Data
From Technology Review:
How Malware Can Track Your Smartphone Without Using Location Data
The way your smartphone uses power provides a simple way to track it, say computer scientists who have developed an app to prove it.
How the NSA’s Firmware Hacking Works and Why It’s So Unsettling
From Wired:
How the NSA’s Firmware Hacking Works and Why It’s So Unsettling
One of the most shocking parts of the recently discovered spying network Equation Group is its mysterious module designed to reprogram or reflash a computer hard drive’s firmware with malicious code. The Kaspersky researchers who uncovered this said its ability to subvert hard drive firmware—the guts of any computer—“surpasses anything else” they had ever seen.
“TNT” gang has released a new hardware TDoS tool in the criminal underground
Back in the day we called this "Boxing" or "Phreaking."
From Security Affairs:
“TNT” gang has released a new hardware TDoS tool in the criminal underground
Telephone DDoS attacks are on the rise, the criminal group known as “TNT” gang has released a new hardware tool in the underground ecosystem.
Hackers attack the US State Department thousands of times a day
From Digital Trends:
Hackers attack the US State Department thousands of times a day
You might occasionally worry over misplaced passwords and phishing attempts, but take comfort in the fact that you’re not the U.S. State Department. Officials have revealed that the government blocks thousands of hacking attacks every day, and works with a variety of different agencies to keep unwelcome visitors at bay.